Connecting to Mongo DB on GCE instance - mongodb

I have a Google Compute Engine instance which is running an active MongoDB server. I can connect to and interact with the server on the local machine via SSH.
However, when I attempt to connect to the database instance from an external source, like my home computer, I'm getting a connection refused. I have setup a firewall rule on the default network that looks like this:
Source Ranges:
0.0.0.0/0
Allowed Protocols or Ports:
tcp:27017
udp:27017
However, even after adding this rule to the default network I am still getting a connection refused when running:
$ mongo [ipaddress]
I'm not sure why the instance is refusing the incoming connection.

Related

Not able to connect to mongodb running in VM (virtual Machine) from local system

I created an AWS EC2 (ubuntu-20.04) instance and setup a mongo server as per https://www.mongodb.com/docs/v4.4/tutorial/install-mongodb-on-ubuntu/
(mongo server is running in default port 27017 and not secured by any username/password)
I am able to connect to it from within the VM (after connecting to VM by SSH), by running the terminal command:
mongo
I have configured EC2 instance's Security Group's inbound rule to access port 27017 from my local system's IP.
however when I try to connect to it from my local system's terminal by command:
mongo --host "<public_ip_of_vm>:27017"
Its throwing error:
connecting to:
mongodb://<public_ip_of_vm>:27017/?compressors=disabled&gssapiServiceName=mongodb
Error: couldn't connect to server <public_ip_of_vm>:27017, connection attempt
failed: SocketException: Error connecting to <public_ip_of_vm>:27017 :: caused
by :: Connection refused : connect#src/mongo/shell/mongo.js:374:17
#(connect):2:6 exception: connect failed exiting with code 1
Not sure what's causing this issue, I have checked the ufw rules too.
port 27017 is open.
Did you modify ?
/etc/mongod.conf
Have a look at this tutorial, especially the step 2. Maybe this helps
https://ianlondon.github.io/blog/mongodb-auth/
Connection refused means you probably do not have a firewall problem. Connection timeout indicates a firewall issue.
Since you can connect locally via localhost, the error indicates that the mongo process is only listening on localhost.
Edit the file /etc/mogod.conf. The interesting line is bindIp.
It should look like this for IPv4 only:
bindIp: 0.0.0.0
If you have IPv6 enabled
bindIp: ::,0.0.0.0
Warning: enable authentication first. You might be hacked faster than you might expect.

How to configure HAProxy to forward requests to Mongo database

Is it possible to setup/use HAProxy to forwards requests to a mongo database? If so can someone provide a basic example of how to set this up in the haproxy.cfg file?
I tried this, but this doesn't work:
listen mongo
bind 10.123.45.6:27017
mode tcp
balance roundrobin
server mongo1 10.456.78.9:27017
Where 10.123.45.6 is the IP of instance w/ HAProxy installed.
Where 10.456.78.9 is the IP of instance w/ mongodb installed.
Screenshot when trying to invoke client via command line:
C:\Program Files\MongoDB\Server\3.6\bin>mongo "mongodb://10.123.45.6:27017"
MongoDB shell version v3.6.11
connecting to: mongodb://10.123.45.6:27017/?gssapiServiceName=mongodb
2020-01-23T15:53:41.707-0800 W NETWORK [thread1] Failed to connect to 10.123.45.6:27017 after 5000ms milliseconds, giving up.
2020-01-23T15:53:41.707-0800 E QUERY [thread1] Error: couldn't connect to server 10.123.45.6:27017, connection attempt failed :
connect#src/mongo/shell/mongo.js:263:13
#(connect):1:6
exception: connect failed
Your settings are right, however I am adding an example for you
listen port_27017
bind :27017
mode tcp
server mongodb-port 10.156.78.9:27017
It should connect, but just to confirm from where are trying to connect? Is it within the local network or somewhere from the cloud. Because as per RFC 1918 all the 10.0.0.0/8 belong to private network, if you are outside the network and trying to access the 10.123.45.6 it won't work.
And if it is within network, and try to tail the log of HAProxy and see if it is able to connect to the Mongo or not.
If it is outside, you need to connect to HAProxy using it's public IP address rather than private IP.

Linking mongoDB to elasticbeanstalk application

So I have this problem where my node application that is ran by Docker in elasticbeanstalk cant establish a connection with mongoDB instance that is in another elasticbeanstalk environment under the same application(it deployed and ran with Docker aswell).
I have made sure that both of them are in the same VPC and that the mongoDB instance accepts inbound connections from the security group that the node application is under(inbound connections are accepted on port 27017).
Node application uses mongoDBs private IP in the connection string. Should work because they are in the same VPC.
Somehow the node application cant connect to the mongoDB instance and it throws the same error always.
*** DATABASE ERROR: MongoNetworkError: failed to connect to server [private-ip-here:27017] on first connect [MongoNetworkError: getaddrinfo ENOTFOUND private-ip-here private-ip-here:27017] ***
Can anyone give me advice what am I doing wrong ?
Most likely reason would be not configuring mongod.config file in etc directory.
There would be something like :
net:
bindIp: 127.0.0.1
Comment the bindIP or replace it with your server's IP Address.

PGAdmin III cannot connect AWS RDS

I am trying to connect AWS RDS PostgreSql from PgAdmin 3. I followed the below link
http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_ConnectToPostgreSQLInstance.html
In Security Group, I also added PostgreSQL and All traffic as below
The "publicly accessible" flag was enabled (updated after Mark B's comment)
I got the error from PGAdmin3
Very appreciate for any suggestion
******UPDATE*******
I can connect pgAdminIII to AWS RDS successfully using home wifi, but cannot connect using office wifi.
My concern is:
Was the port 5432 blocked by office wifi?
How can I configure/update the port without impacting to current API?
Note: My current API is working well (CRUD)
Can you can test your connection to a DB instance using common Linux or Windows tools first?
From a Linux or Unix terminal, you can test the connection by typing the following (replace with the endpoint and with the port of your DB instance):
$nc -zv DB-instance-endpoint port
For example, the following shows a sample command and the return value:
$nc -zv postgresql1.c6c8mn7tsdgv0.us-west-2.rds.amazonaws.com 8299
Connection to postgresql1.c6c8mn7tsdgv0.us-west-2.rds.amazonaws.com
8299 port [tcp/vvr-data] succeeded!
Windows users can use Telnet to test the connection to a DB instance. Note that Telnet actions are not supported other than for testing the connection. If a connection is successful, the action returns no message. If a connection is not successful, you receive an error message such as the following:
C:>telnet sg-postgresql1.c6c8mntzhgv0.us-west-2.rds.amazonaws.com
8299
Connecting To sg-postgresql1.c6c8mntzhgv0.us-west-2.rds.amazonaws.com...Could not
open connection to the host, on port 819: Connect failed
If Telnet actions return success, then you are good to go.
If you are trying to access it from a network which is not listed for that port. you need to add inbound rules for those network IPs from AMAZON RDS system
You will also need to set Public accessibility true under Connect & security tab in RDS console.
Read this post.In your security group go to unbound rules and add my ip.
and make sure your database is public.
https://serverfault.com/questions/656079/unable-to-connect-to-public-postgresql-rds-instance

RDS Postgresql DB connection timeout from Heroku

I'm unable to connect to a new PostgreSQL in AWS RDS.
I have a Heroku app and I would like to use Amazon RDS for my database instead of Heroku. For that I've been following this guide: https://www.reinteractive.net/posts/128-heroku-app-backed-by-an-aws-rds-postgres-database
I've made a backup from my current Heroku DB and want to load it on the new database.
My security group for the database allows all inbound connections for port 5432 (0.0.0.0/0) and I've made a new VPC to have my DB set as Publicly Accesible (DNS hostnames and DNS resolution enabled). I created the database on postgres version 9.4.9.
However when I do:
-f latest.sql --host=xxx.xxx.us-west-2.rds.amazonaws.com --port=5432 --username=awsuser --password --dbname=mydatabase
from my computer, I only get a connection time out error:
psql: could not connect to server: Connection timed out
Is the server running on host xxx.xxx.us-west-2.rds.amazonaws.com" (1.2.3.4) and accepting
TCP/IP connections on port 5432?
The server is indeed running. In this case latest.sql is the backup I did. After this I edited the Database security groups to accept all connections (0.0.0.0/0) too.
Database Rules
(from what I've read this should not be necessary because I already have the VPC Security Group), but the result is the same.
Is there any way to trace what's going on / why is my connection getting blocked?